Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2015-1427

Vulnerability Summary

This Metasploit module exploits a remote command execution (RCE) vulnerability in ElasticSearch, exploitable by default on ElasticSearch before 1.4.3. The bug is found in the REST API, which does not require authentication, where the search function allows groovy code execution and its sandbox can be bypassed using java.lang.Math.class.forName to reference arbitrary classes. It can be used to execute arbitrary Java code. This Metasploit module has been tested successfully on ElasticSearch 1.4.2 on Ubuntu Server 12.04.

Exploits

Exploit DB: ElasticSearch Search Groovy Sandbox Bypass
This Metasploit module exploits a remote command execution (RCE) vulnerability in ElasticSearch, exploitable by default on ElasticSearch prior to 143 The bug is found in the REST API, which does not require authentication, where the search function allows groovy code execution and its sandbox can be bypassed using javalangMathclassforName to ...

References

https://packetstormsecurity.com/files/130799/ElasticSearch-Search-Groovy-Sandbox-Bypass.html
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693CVE-2024-30851CVE-2024-34460CVE-2024-2887localCVE-2024-27956remote code executionCVE-2024-34475privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook